cbcvebase.
CVE-2023-32804
published 2023-12-04

CVE-2023-32804: Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd…

PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.23%
13.5th percentile
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.

Affected

10 ranges
VendorProductVersion rangeFixed in
arm5th_gen_gpu_architecture_kernel_driverr41p0 – r44p0
armbifrost_gpu_kernel_driverr0p0 – r44p0
armmidgard_gpu_kernel_driverr0p0 – r32p0
armvalhall_gpu_kernel_driverr19p0 – r44p0
arm_ltdarm_5th_gen_gpu_architecture_userspace_driverr41p0 – r44p0
arm_ltdbifrost_gpu_userspace_driverr0p0 – r44p0
arm_ltdmidgard_gpu_userspace_driverr0p0 – r32p0
arm_ltdvalhall_gpu_userspace_driverr19p0 – r44p0
googleandroid
googlechrome_chrome
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.